theY4Kman / parsuricata
Parse Suricata rules
☆13, updated last year

Related projects:
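As an added illustration of what parsing a Suricata rule involves (this is example code written for this page, not parsuricata's implementation or API), the following Python parser splits a rule into its header fields and an ordered option list. It covers the cases that break a naive split on `;`: quoted option values containing escaped `;` and `"`, backslash line continuations, and rules disabled with a leading `#`. The names Rule, parse_rules and HEADER_RE, and the sample ruleset with its sids, are constructed for this example.

```python
"""Minimal Suricata rule parser. Added example for this page, not parsuricata's
code or API; Rule, parse_rules and the sample rules below are constructed."""
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed sample ruleset (made-up sids): disabled rule, continuation line, escapes.
SAMPLE_RULES = r'''
# drop tcp any any -> any 23 (msg:"disabled telnet rule"; sid:1000001; rev:1;)
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"constructed curl UA check"; flow:established,to_server; \
    content:"curl/"; http_user_agent; depth:5; classtype:policy-violation; sid:1000002; rev:3;)
alert tcp any any -> [10.0.0.0/8,!10.0.0.1] [80,443] (msg:"semicolon \; and quote \" inside"; content:"|3b 22|"; sid:1000003; rev:1;)
'''

# action proto src src_port direction dst dst_port (options)
# Assumes address and port lists are written without internal spaces.
HEADER_RE = re.compile(
    r"^(?P<action>\w+)\s+(?P<proto>\w+)\s+(?P<src>\S+)\s+(?P<src_port>\S+)\s+"
    r"(?P<direction>->|<>)\s+(?P<dst>\S+)\s+(?P<dst_port>\S+)\s*\((?P<body>.*)\)\s*$",
    re.DOTALL,
)
HEADER_FIELDS = ("action", "proto", "src", "src_port", "direction", "dst", "dst_port")


@dataclass
class Rule:
    enabled: bool  # False when the rule is commented out with a leading '#'
    action: str
    proto: str
    src: str
    src_port: str
    direction: str
    dst: str
    dst_port: str
    # (keyword, value) in rule order; value is None for bare modifiers such as http_user_agent
    options: List[Tuple[str, Optional[str]]] = field(default_factory=list)

    def option(self, keyword: str) -> Optional[str]:
        return next((v for k, v in self.options if k == keyword), None)

    @property
    def sid(self) -> Optional[int]:
        v = self.option("sid")
        return int(v) if v is not None else None


def _parse_option(token: str) -> Tuple[str, Optional[str]]:
    """Split 'keyword:value' at the first colon; unquote and unescape the value."""
    key, sep, value = token.strip().partition(":")
    value = value.strip()
    if sep and len(value) >= 2 and value[0] == value[-1] == '"':
        value = re.sub(r"\\(.)", r"\1", value[1:-1])  # \; \" \\ -> ; " \
    return key.strip(), (value if sep else None)


def _split_options(body: str) -> List[Tuple[str, Optional[str]]]:
    """Split on ';' outside quotes. An escape pair inside quotes is consumed whole,
    so an escaped ';' does not end an option and an escaped '"' does not close it."""
    tokens: List[str] = []
    buf: List[str] = []
    in_quote, i = False, 0
    while i < len(body):
        c = body[i]
        if in_quote and c == "\\" and i + 1 < len(body):
            buf.extend(body[i:i + 2])
            i += 2
            continue
        if c == '"':
            in_quote = not in_quote
        if c == ";" and not in_quote:
            tokens.append("".join(buf))
            buf = []
        else:
            buf.append(c)
        i += 1
    if in_quote:
        raise ValueError("unterminated quoted string in rule options")
    if "".join(buf).strip():
        raise ValueError("last option is not terminated by ';'")
    return [_parse_option(t) for t in tokens if t.strip()]


def parse_rules(text: str) -> List[Rule]:
    """Parse a ruleset. A backslash before the newline continues a rule; '#'-prefixed
    rules come back with enabled=False; plain comments are skipped; malformed enabled
    rules raise ValueError rather than being guessed at."""
    rules: List[Rule] = []
    for logical in re.sub(r"\\\r?\n", "", text).splitlines():
        line = logical.strip()
        if not line:
            continue
        enabled = not line.startswith("#")
        m = HEADER_RE.match(line if enabled else line.lstrip("#").strip())
        if m is None:
            if enabled:
                raise ValueError(f"unparseable rule: {logical!r}")
            continue
        rules.append(Rule(enabled=enabled, **{f: m.group(f) for f in HEADER_FIELDS},
                          options=_split_options(m.group("body"))))
    return rules
```

Rejecting an unterminated quote or a final option without its `;` matters when a parser feeds rule-management tooling: a rule that Suricata itself would refuse to load should not silently turn into a differently shaped signature in an index or diff.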
- Pure-Python parser for Snort/Suricata rules (☆25, updated 6 months ago)
- Command-line tool to format and syntax-highlight Suricata rules (☆13, updated 4 years ago)
- Collection of various open-source and commercial rulesets for NIDS, especially Suricata and Snort (☆19, updated last year)
- Suricata rule and intel index (☆28, updated last month)
- pyJARM is a library for doing JARM fingerprinting using Python (☆50, updated 3 years ago)
- YARA-powered NIDS with high-speed packet capture powered by PF_RING (☆66, updated 4 months ago)
- Useful resources for Zeek (https://zeek.org/), formerly Bro (http://bro.org/) (☆31, updated 4 years ago)
- Provides a Suricata EVE output for Kafka via a Suricata EVE plugin (☆14, updated 2 years ago)
- Meer is a "spooler" for Suricata / Sagan (☆28, updated last year)
- Golang-based web service to scan files with YARA rules (☆26, updated 7 years ago)
- Tracking APT IOCs (☆24, updated 3 years ago)
- Growing collection of Spicy-based protocol and file analyzers for Zeek (☆32, updated this week)
- Threat detection rules (Snort/Sigma/YARA) (☆12, updated 7 months ago)
- Network timing evaluation used to detect beacons; works with Argus flow records as the source (☆18, updated 8 years ago)
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au… (☆60, updated 4 months ago)
- Fast, extensible, versatile event router for Suricata's EVE-JSON format (☆50, updated 2 months ago)
- Zeek script library for getting the effective TLD of a domain (☆13, updated 5 months ago)
- A tool to work with Suricata's stats.log file (☆27, updated 8 years ago)
- Generate JSON force-directed/node graph data from the MITRE ATT&CK framework and visualize it interactively (☆22, updated 3 years ago)
- Build a local copy of MITRE ATT&CK and CAPEC; server mode for easy querying (☆29, updated this week)
- Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats (☆23, updated 3 years ago)
- Various blog post projects (☆10, updated 3 months ago)
- Bro integration with osquery (☆14, updated last year)
- Open source endpoint agent providing host information to Zeek [v2] (☆61, updated this week)
- Go implementation of the Community ID flow hashing standard (☆19, updated 3 weeks ago)
- ssdeep cluster analysis for malware files (☆29, updated 4 years ago)
- Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more) (☆74, updated this week)
- go-atomicredteam is a Golang application to execute tests as defined in the atomics folder of Red Canary's Atomic Red Team project (https… (☆45, updated last year)